<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*"%>
<%@ page import="com.util.*"%>
<%
	DBO db=new DBO();
	request.setCharacterEncoding("utf-8");
	String yhm=(String)request.getParameter("yhm");
	String mm=(String)request.getParameter("mm");
	String qx=(String)request.getParameter("qx");
	String sql="";
	String yzm=(String)request.getParameter("yzm");
	String rand=(String)session.getAttribute("rand");
	if(!rand.equals(yzm)){
		out.println("<script>");
		out.println("alert('操作失败，验证码不对');");
		out.println("window.location='login.jsp'");
		out.println("</script>");
		return;
	}

if(qx.equals("管理员")){
sql="select * from gly where yhm='"+yhm+"' and mm='"+mm+"' ";
}
if(qx.equals("学生")){
sql="select * from xuesheng where yhm='"+yhm+"' and mm='"+mm+"' ";
}
if(qx.equals("教师")){
sql="select * from jiaoshi where yhm='"+yhm+"' and mm='"+mm+"' ";
}

System.out.println("sql="+sql);
db.open();
ResultSet rs=db.query(sql);
out.println("<script>");
if(rs.next()){

if(qx.equals("管理员")){
session.setAttribute("id",rs.getString("glyid"));
}
if(qx.equals("学生")){
session.setAttribute("id",rs.getString("xsid"));
}
if(qx.equals("教师")){
session.setAttribute("id",rs.getString("jsid"));
}


session.setAttribute("yhm",rs.getString("yhm"));
session.setAttribute("mm",rs.getString("mm"));
session.setAttribute("qx",qx);
;

out.println("alert('登录成功');");
out.println("window.location='index.jsp'");
}else{
out.println("alert('用户名或者密码错误');");
out.println("window.location='login.jsp'");
}
out.println("</script>");
%>
